Old 08-28-2004, 05:57 PM   #1
ivanatora
Member
 
Registered: Sep 2003
Location: Bulgaria
Distribution: Ubuntu 9.10, FreeBSD 7.2
Posts: 459

Rep: Reputation: 32
Cutting arp requests to my box


My PC is connected to my ISP via cable modem. I've been seriously flooded with ARP requests. Here is a little log from tcpdump to show what I mean:
Code:
01:37:23 root@skynet:~# tcpdump -vv -i eth0 host 192.168.192.1
tcpdump: listening on eth0
01:37:26.446680 arp who-has 192.168.195.181 tell 192.168.192.1
01:37:26.459501 arp who-has 192.168.201.74 tell 192.168.192.1
01:37:26.461011 arp who-has 192.168.206.245 tell 192.168.192.1
01:37:26.481737 arp who-has 192.168.205.176 tell 192.168.192.1
01:37:26.529708 arp who-has 192.168.194.235 tell 192.168.192.1
01:37:26.541266 arp who-has 192.168.207.250 tell 192.168.192.1
01:37:26.568725 arp who-has 192.168.202.236 tell 192.168.192.1
01:37:26.573056 arp who-has 192.168.204.230 tell 192.168.192.1
01:37:26.587006 arp who-has 192.168.195.252 tell 192.168.192.1
01:37:26.608921 arp who-has 192.168.200.175 tell 192.168.192.1
01:37:26.653748 arp who-has 192.168.204.141 tell 192.168.192.1
01:37:26.677884
161 packets received by filter
0 packets dropped by kernel
01:37:28 root@skynet:~#
I tried a lot of stuff with iptables to reject or drop this incoming thing; some of it succeeded, but completely disconnected me from the outer world. Others didn't do anything. I tried to restrict incoming connections via their MAC address (-m mac --mac-address...) and put a reject-all rule before these rules, but that stopped all incoming conns. If I put the reject-all rule after the others, that ARP flood didn't get stopped at all.
I tried with "-m state --state" and different states (INVALID, NEW, ESTABLISHED) and rejected them, but that didn't help. Well, rejecting NEW conns actually DID help, but I don't want to cut off my connection at all.
Does someone have a different idea?

Errr.. I forgot to mention. 192.168.192.1 is my gateway. It's kinda stupid to be flooded from my own gateway :/ I can't drop it, because it will f*ck up my net totally. Does anyone have an idea how to cut ONLY these ARP things? Can this weird stuff be provoked from my box? I mean, not a remote PC's fault, but mine?

Last edited by ivanatora; 08-28-2004 at 06:09 PM.
 
Old 08-28-2004, 06:58 PM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 69
Might make more sense to figure out why your gateway is generating so much ARP traffic. Is the gateway yours (part of your LAN) or does it belong to your ISP (is it part of the ISP's cable network infrastructure)?
 
Old 08-28-2004, 10:47 PM   #3
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 76
ARP traffic is always broadcast to the local segment. It's the only way to tell where to send packets for a particular IP. If your gateway cannot send ARP requests to you, then you have no way of telling it where you are and thus no traffic will get forwarded to you. It looks like your Internet provider is using a gigantic LAN rather than properly segmenting it. It seems that the entire 192.168.0.0/16 is one huge subnet.
 
Old 08-29-2004, 03:29 AM   #4
ivanatora
Member
 
Registered: Sep 2003
Location: Bulgaria
Distribution: Ubuntu 9.10, FreeBSD 7.2
Posts: 459

Original Poster
Rep: Reputation: 32
It is part of my ISP's gigantic cable network (/22 mask, I dunno why they have done that) and it is behind my cable modem.
If I can't reject that fully, can I put a rate limit of 2-3/s (for example) on requests to me? That would seriously stop the flood.
Btw, I wrote an e-mail to my ISP telling them about the problem, but I know the competency of their work and don't expect an answer or anything to be done about the trouble soon.
 
Old 08-29-2004, 06:18 PM   #5
chort
Senior Member
 
Registered: Jul 2003
Location: Silicon Valley, USA
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660

Rep: Reputation: 76
That's bigger than a /22. It goes as low as .195 and as high as .207. That's at least a /20 (unless I'm bad at math again, which is quite possible). You don't really want to rate limit those ARP requests because you might end up rate-limiting one to you (unless there's some way you can filter based on ARP content with iptables, but I really doubt that).

The good news is that they don't require any response by your machine, so there's really very little difference between accepting them and dropping them. It's not like TCP or UDP where you have to generate a response packet back even if the port is closed, because ARP doesn't work that way.
 
Old 08-30-2004, 02:46 PM   #6
bruj3w
Member
 
Registered: Mar 2004
Location: england
Distribution: slackware
Posts: 164

Rep: Reputation: 30
Yeah, I also have this problem. The IP of my eth0 (the interface facing the internet) is 82.38.x.x.

20:31:54.354636 arp who-has 82.38.43.24 tell 82.38.40.1
20:31:54.365234 arp who-has 82.38.43.26 tell 82.38.40.1
20:31:54.373088 arp who-has 82.38.43.33 tell 82.38.40.1
20:31:54.379446 arp who-has 82.38.44.145 tell 82.38.40.1
20:31:54.383702 arp who-has 82.47.163.194 tell 82.47.162.1
20:31:54.385327 arp who-has 82.38.43.37 tell 82.38.40.1
20:31:54.401013 arp who-has 82.38.43.251 tell 82.38.40.1
20:31:54.431703 arp who-has 82.38.43.64 tell 82.38.40.1
20:31:54.437526 arp who-has 82.38.43.65 tell 82.38.40.1
20:31:54.444977 arp who-has 82.38.42.66 tell 82.38.40.1
20:31:54.460424 arp who-has 82.38.43.96 tell 82.38.40.1
20:31:54.474147 arp who-has 82.38.42.115 tell 82.38.40.1
20:31:54.474595 arp who-has 82.38.43.98 tell 82.38.40.1
20:31:54.476170 arp who-has 82.38.43.99 tell 82.38.40.1
20:31:54.477372 arp who-has 82.38.43.100 tell 82.38.40.1
20:31:54.481648 arp who-has 82.38.46.18 tell 82.38.40.1

etc...

I must get about 100 requests a second. Strange.
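As an added example (not code from any poster), the measurement ivanatora asks for in #4 and the address-span estimate chort does by hand in #5, run over constructed tcpdump lines in the same shape as the captures in #1 and #6; the host address 192.168.192.10 and the sample lines are assumptions.

```python
import re
from collections import Counter
from ipaddress import ip_address

# Matches the "arp who-has <target> tell <sender>" lines tcpdump prints (posts #1, #6);
# banner, packet-counter and shell-prompt lines do not match and are skipped.
ARP_RE = re.compile(r"^(\d\d):(\d\d):(\d\d)\.(\d+) arp who-has (\S+) tell (\S+)$")

# Constructed sample, not a real log. Assumption: this host is 192.168.192.10,
# so exactly two of the requests below are ones it has to answer.
MY_IP = "192.168.192.10"
SAMPLE = """\
tcpdump: listening on eth0
01:37:26.446680 arp who-has 192.168.195.181 tell 192.168.192.1
01:37:26.459501 arp who-has 192.168.201.74 tell 192.168.192.1
01:37:26.461011 arp who-has 192.168.192.10 tell 192.168.192.1
01:37:26.481737 arp who-has 192.168.205.176 tell 192.168.192.1
01:37:27.100000 arp who-has 192.168.207.250 tell 192.168.192.1
01:37:27.200000 arp who-has 192.168.194.235 tell 192.168.192.1
01:37:27.300000 arp who-has 192.168.192.10 tell 192.168.193.7
161 packets received by filter
"""

def parse(text):
    # Yields (timestamp in seconds since midnight, target IP, sender IP) per request.
    for line in text.splitlines():
        m = ARP_RE.match(line)
        if m:
            h, mi, s, frac, target, sender = m.groups()
            ts = int(h) * 3600 + int(mi) * 60 + int(s) + float("0." + frac)
            yield ts, target, sender

def covering_prefix(addrs):
    # Shortest prefix length containing every address seen: the common leading
    # bits of the lowest and highest address cover everything in between.
    ints = [int(ip_address(a)) for a in addrs]
    if not ints:
        return None
    return 32 - (min(ints) ^ max(ints)).bit_length()

def summarize(text, my_ip):
    recs = list(parse(text))
    per_sec = Counter(int(ts) for ts, _, _ in recs)  # requests per wall-clock second
    return {
        "total": len(recs),
        "peak_per_sec": max(per_sec.values(), default=0),
        "must_answer": sum(1 for _, t, _ in recs if t == my_ip),  # only these need a reply
        "senders": Counter(s for _, _, s in recs),
        "prefix": covering_prefix({t for _, t, _ in recs} | {s for _, _, s in recs}),
    }
```

This only measures; ARP frames are not IP packets, so iptables never sees them, and what the summary tells you is how much of the flood actually requires a reply from your host.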